LetsDefend Monitoring Alert

Microsoft SharePoint Server Elevation of Privilege

Oct, 06, 2023, 08:05 PM

Event ID: 189

Event Time: Oct, 06, 2023, 08:05 PM

Rule Name: SOC227 - Microsoft SharePoint Server Elevation of Privilege - Possible CVE-2023-29357 Exploitation

Alert Type: Web Attack

MITRE Technique:
T1548 - Privilege Escalation - Abuse Elevation Control Mechanism,
T1068 - Privilege Escalation - Exploitation for Privilege Escalation,
T1212 - Credential Access - Exploitation for Credential Access

Real World Example: The CVE-2023-29357 vulnerability is a critical privilege escalation vulnerability that, when combined with other vulnerabilities, could lead to remote code execution. A CVSS score of 9.8 (Critical) an

Severity: Critical

Security Analyst
